Logo
Cisco Secure Endpoint API Documentation

Create: CozyDuke

POST https://{{CTIA_host}}/ctia/casebook?size=100

 

Body PARAM

Key Datatype Required Description 
size
number



HEADERS

Key Datatype Required Description 




RESPONSES

status





Curl
curl -X POST 'https://CTIA_host/ctia/casebook?size=100?size=100' -d '{"description":"**Notes for my API generated Casebook**\n- [x] Generate a SecureX OAUTH Token\n- [x] Store the Token to be used for several API calls\n- [x] The Post requests includes a JSON formatted body including all casebok information\n- [ ] Review the Response provided\n- [ ] Response is JSON formatted\n\n***\n\n\n**Other Notes when using the API to manage the**\n- CTIA API documentation: https://private.intel.amp.cisco.com/index.html#/\n\n","schema_version":"1.1.3","observables":[{"value":"b86923a9d13d2e4c07bef3c15b940c17af3318b52f2edb598b66c2ea640eefd9","type":"sha256"},{"value":"f8f1c210a8c863efc0f6b8ac3553030a14a702ce8cf573cb5e9cd58f70c7c622","type":"sha256"},{"value":"6c8eea3ba31463a04d041f4c9ff50b50d9b5945d3306fee35fb4b5bfd292692b","type":"sha256"},{"value":"41270685a7496961e625773bcfe1ac50727847c66de69a9b2a2bf34699c30f54","type":"sha256"},{"value":"loki\\carl","type":"user"},{"value":"examplemalwaredomain.com","type":"domain"},{"value":"http://146.112.62.39","type":"url"},{"value":"146.112.62.39","type":"ip"},{"value":"mim.exe","type":"file_name"},{"value":"c:\\windows\\system32\\netsh.exe","type":"file_path"},{"value":"administrator","type":"user"},{"value":"carl.minion@acme.demo","type":"email"},{"value":"http://10.10.10.200:8000/bin/Installer.msi","type":"url"},{"value":"10.10.10.200","type":"ip"},{"value":"4a71abed8003ed6e38998be7324f3d87","type":"md5"},{"value":"python.exe","type":"file_name"},{"value":"msiexec.exe","type":"file_name"},{"value":"a979a84649b0e0ee43f295e7bc8d0dc6520512d007119973b4cbb4db0af26e3a","type":"sha256"},{"value":"wmic.exe","type":"file_name"},{"value":"raw.githubusercontent.com","type":"domain"},{"value":"https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps","type":"url"}],"type":"casebook","short_description":"Generated using the API","title":"API-generated Casebook","tlp":"amber"}'

ENDPOINTS